CALL US TODAY: (713) 899-9812

The adage, “If momma ain’t happy, ain’t nobody happy,” is a very transferable truism and certainly can apply to working with health care auditors.

Just imagine if your job were to review clinical and billing records all day long, five days a week. Can you envision the frustration that an auditor may experience when clinical records are lacking required reports or notes, are poorly organized, are illegible, are not representative of skilled services, and so on? Another favorite and familiar saying is: “With knowledge comes power.” However, power is only useful if you apply that knowledge prudently. This article aims to help readers prevail with mitigated stress and a broader base of knowledge. The audits reviewed here represent the most common audits therapy providers experience. They are ordered alphabetically without regard to significance.


Many federal payment-related audits were curtailed through the implementation of federal waivers in the early to middle stages of the Public Health Emergency in 2020. Unfortunately, the Centers for Medicare and Medicaid Services (CMS) has resumed audits stating that it has an obligation “to minimize potential future losses to the Medicare Trust Fund by preventing inappropriate Medicare payments.”

In July, CMS posted an updated Frequently Asked Questions document1 on its website stating that its Medicare Administrative Contractors (MACs) were resuming audits as of August 3, 2020. These audits were to include pre-payment medical reviews conducted by the MACs under the Targeted Probe and Education (TPE) program and post-payment reviews conducted by the Medicare Administrative Contractors (MACs), Supplemental Medical Review Contractors (SMRCs),2 and Recovery Audit Contractors (RACs). CMS noted that “all reviews are to be conducted in accordance with statutory and regulatory provisions, as well as related billing and coding requirements. Waivers and flexibilities in place at the time of the dates of service of any claims potentially selected for review will also be applied.”


The Comprehensive Error Rate Testing (CERT) program is a type of audit established by CMS to monitor the accuracy of claim payment in the Medicare Fee-For-Service (FFS) Program. The intent of the program is to protect the Medicare Trust Fund by identifying errors and assessing error rates at both the national and regional levels. Findings from the CERT program are used to identify trends that are driving the errors, such as errors by a specific provider type or service, and to assist with allocation of future program integrity resources. The CERT error rate is also used by CMS to evaluate the performance of Medicare contractors.

The CERT Program issues a letter that requests documentation to support the claim selected. It typically only includes one date of service, which is randomly selected. The request is sent in a golden-colored envelop with a barcoded cover letter that specifies what records are required.

It is important that providers respond to any CERT request in a timely manner as no response or submitting insufficient documentation will result in a CERT denial and recoupment of Medicare payments.


The most frequently conducted audit for therapy providers, as of late 2020, has been the Post-Payment Probe Review. The letter introduction is very similar to the TPE as it relates to reducing improper payment of Medicare claims, but the notice will state Medical Review3 rather than TPE. The body of the letter will state that the service being reviewed was identified through data analysis to ensure services are medically reasonable, billed appropriately, and documentation requirements are met. They will state the number of claims to be reviewed, the targeted CPT Code, a list of documentation to be submitted, applicable deadlines, consequences for failing to submit the requested records and/or missing the submission deadline, their error rate calculation based on dollars denied and how to submit the records requested. The Post-Payment Review letter includes the name, phone number, and email address of the person to contact regarding questions.

The consequences of not submitting records, missing the 45-day submission requirement, having an unacceptably high error rate, or having a pattern or practice of submitting claims that fail to meet Medicare requirements could potentially result in their referral to the Recovery Audit (RAC) or Unified Program Integrity Contractors (UPIC) and/or revocation of billing privileges.


We have not experienced very many RAC4 audits since 2016 when Medicare modified a number of audit criteria including not awarding their contingency fee until after the second level of appeal is exhausted. Previously, recovery auditors were paid immediately upon denial and recoupment of the claim. This delay in payment helps assure providers that the decision made by the recovery auditor was correct based on Medicare’s statutes, coverage determinations, regulations, and manuals.5 However, they are still a force to consider. The Medicare Fee for Service (FFS) Recovery Audit Program’s6 mission is to identify and correct Medicare improper payments through the efficient detection and collection of overpayments made on claims of health care services provided to Medicare beneficiaries, and the identification of underpayments to providers so that the CMS can implement actions that will prevent future improper payments in all 50 states divided into five regions.


Supplemental Review Contractor is a contractor that performs Medicare Medical Review activities as directed by CMS. These contractors are responsible for auditing the $3,000 threshold. This audit is a “targeted” audit, meaning that not all claims exceeding the Medical Review threshold are subject to review as previously performed by the RAC. The review is based on exceeding the $3,000 threshold and demonstrating aberrant billing behavior. These contractors focus on information gathered via data analysis, Comprehensive Error Rate Testing (CERT),7 the Office of Inspector General and the Government Accounting Office reports, external complaints, and RAC-identified vulnerabilities that indicate questionable billing practices.


Many therapy suppliers and providers have been the subjects of Targeted Probe and Education Reviews8 (TPE) since 2017 with varying outcomes and experiences. The TPE program, according to CMS, was designed to help providers and suppliers reduce claim denials and appeals through one-on-one help and had positive results in some cases but was less helpful in others. The TPEs often resulted in a series (more than three rounds per TPE guidelines) of requests for records, followed by educational conferences with someone other than the auditor. Answers were often vague and correlation of findings to education was less than adequate. When COVID-19 hit, TPEs were halted, leaving piles of records in limbo.

If you become a subject of a TPE you will receive a letter from your MAC. The subject line (notice) will identify the type of audit and the round. The letter will include this information: “In order to fulfill our contractual obligation with CMS, [NAME of MAC] performs reviews in accordance with the CMS instruction. CMS has authorized [NAME of MAC] to conduct reviews utilizing a Targeted Probe and Education (PTE) review process. The TPE review process may include up to three rounds of probe review with education. If there are continued high denials after the third round of review, [NAME of MAC] will refer the provider/supplier to CMS for additional action, which may include 100% prepay review, extrapolation, referral to a Recovery Auditor, etc.” Additionally, they relate the consequences of missing deadlines or failure to submit the requested records. They do note that the review can be discontinued, at any time, if appropriate improvement is achieved during the review process.

The letter goes on to communicate the number of random sampled claims, the CPT code(s) targeted, deadlines, and documents to submit per their checklist.


The goal of the UPIC is to identify cases of suspected fraud, investigate them, and take action to ensure any inappropriate Medicare payments are recouped. UPIC actions to detect and deter fraud and abuse may include:

  • Investigating potential fraud and abuse, including interviews and onsite visits
  • Perform medical review, as appropriate
  • Perform data analysis
  • Identify the need for administrative actions, such as payment suspensions and prepayment, or auto-denial edits
  • Refer cases to law enforcement for consideration and initiation of civil or criminal prosecution


Now, on to the “make momma happy” part!

We have found that the manner in which clinical records are submitted from a practice often make an indelible impression on the auditor and can set the mood for the entire auditing event. There is an implied note of respect and commitment to doing things correctly when the submission is on time, is orderly and demonstrates compliance with the Additional Documentation Request (ADR) instructions.

It is paramount that your process for submitting records is consistent and user-friendly. The following tips will help the audit process run smoothly.


  1. Read the Additional Documentation Request/Audit (ADR) letter no less than twice (you will catch key items better the second time after the horror passes).
  2. Save the envelop that the payer sends the ADR in; the postage date is sometimes a defense mechanism if there is a significant amount of time between the date of the letter and the postage date or the date of letter receipt. Most payers use the letter date to set their response deadline.
  3. Make two copies of the entire letter and set them aside; you should work with a copied document only. Separate the list of beneficiaries that are the subjects of the audit from the letter and pull and submit the records in the order in which they occur on the list.
  4. Cross check all the line item information to ensure that you submit the correct patient records.
  5. Review each chart for all items listed below; begin by checking for signed Plans of Care for each Plan of Care period. If there are any unsigned Plans of Care, proceed immediately to obtain those signatures. The Plan of Care period should be evident (from-to dates) to ensure that the physician/NPP certifies all dates of service rendered. The physician/NPP should not back date the certification. Multiple Plans of Care can be signed on the same day, if necessary. If the Plan of Care is considered delayed, explain why it was not signed in a timely manner.
  6. If the signature of the certifying physician is not legible, use the CMS Signature Attestation form and include it with each chart, as applicable.
  7. Provide a copy of the referral, if applicable. If the MAC is requesting a copy of the referral, provide it if available to keep from being controversial (per the Medicare Benefit Policy Manual, this is not required as CMS only requires a certified Plan of Care).
  8. Print out or copy (clean copies are imperative) the following for each individual claim sample requested (use the Chart Organizational Coversheet for each chart audited):
    • ADR Request letter from the payer; CMS usually has a barcode on the first page
    • ADR claim list of beneficiaries (indicate by affixing an * or x on the DOS line associated with the documents in each packet. Do not highlight line items.)
    • Chart Table of Contents Coversheet (check each item present)
    • Copy of claim bills per individual claim sample (CMS 1500 or its electronic version 837P) unless you are advised to exclude them
    • Plan of Care(s)/Re-certified Plan of Care(s) signed and dated; Plans of Care can be dated by the provider as long as the receipt date is noted and initialed. If the Plan of Care certification is longer than 60 days, provide an explanation of why and use a Plan of Care tracking log, fax transmission sheets, etc. to illustrate the effort made to obtain the certification.
    • Progress Report(s) signed by the therapist; no need for physician/NPP signature
    • Evaluation(s) dated and signed by the therapist; only needs the MD’s certifying signature if it includes the Plan of Care
    • Re-evaluation(s), dated and signed by the therapists; only needs the MD’s certifying signature if it includes a Plan of Care
    • Treatment encounter notes (TENs); only include the dates of service (DOS) requested unless directed otherwise or unless additional treatment encounter notes will positively enhance the overall audit. Audit TENs for full compliance (i.e., patient name on each page, 1:1 time in minutes, total visit time in minutes, skilled statement reflecting the therapist’s intervention, treatment language that corresponds to the CPT code billed, the therapist’s signature and professional designation and “assisted by,” if applicable).
    • Discharge report, if applicable
    • Home programs, if applicable
    • Therapist’s signature attestation, if applicable; this will need to be included for each patient on the beneficiary list
    • Abbreviation list (if abbreviations are utilized)
    • Standardized tests (name, purpose, and scale or normative values)
    • Advanced Beneficiary Notice (ABN), if applicable
  9. Number each page of each packet on the bottom right corner and enter the total number of pages for the packet on the Chart Table of Contents Coversheet.
  10. Make two clean, legible, and one-sided only copies of every item listed in number 8. One copy is for the payer/auditor and the other is for the clinic. Do not file your copy in the patient’s chart and keep them all in one location/file.
  11. Use binder clips or rubber bands to secure each chart packet. Do not staple any documents.
  12. Use colored paper to separate each chart packet in the shipping box.
  13. Ship the charts in a secure box via a reliable vendor with tracking capability, indicating:
    • Return receipt requested
    • Signature for delivery requested
    • The address should include each line item noted under the letter’s “submission methods” header including MAC’s name, address, attention to, and project ID
  14. Monitor the shipping status regularly.
  15. Monitor your mail and fax machine for correspondence from the auditor.

Advise your staff to routinely bring all mail from payers (other than remittance advice notices) to your immediate attention. Response times are critical if you need to file an appeal.

Hopefully, you have enhanced your audit repertoire and feel confident that you will “make momma happy” when you have a call for additional documents.



1Centers for Medicare and Medicaid Services. Frequently Asked Questions. Published July 2020.

2Centers for Medicare and Medicaid Services. Supplemental Medical Review Contractor.

3Centers for Medicare and Medicaid Services. Medical Review and Education.

4Centers for Medicare and Medicaid Services. Recovery Audit Contractor Audits.

5Centers for Medicare and Medicaid Services. Program Integrity Manual.

6Centers for Medicare and Medicaid Services. Medicare Fee for Service Recovery Audit Program. Updated August 10, 2020.

7Centers for Medicare and Medicaid Services. Comprehensive Error Rate Testing.

8Centers for Medicare and Medicaid Services. Target Probe and Education.